This expanded support for third party assessment and configuration tools via an open application program interface (API) allows any vendor to integrate into Preventsys' system. As a result, Preventsys can consolidate more network data and provide customers a complete view of security risk relative to their corporate and regulatory policies, enabling them to prioritize tasks, view a snapshot of risks for critical systems at any given point and automate their compliance reporting.

"By opening the Preventsys API to more third-party tools, Preventsys is demonstrating its commitment to providing a best-of-breed approach to enterprise security risk management," said Patrick Harr, chief executive officer for Preventsys. "CSOs need to be able to communicate the overall state of security and compliance in a way that is meaningful and takes into account multiple data points. Preventsys is uniquely positioned to correlate those multiple data points, apply policy across the data feeds, quickly ascertain the complete security risk view of an organization and conduct automated comprehensive compliance reporting."

Preventsys' open framework now supports more than 20 assessment, configuration and remediation integrations, providing its customers the ability to choose applications that best fit specific needs independent of existing or de facto systems. Recently added third-party vendors include Alterpoint's Device Authority, Configuresoft's ECM, McAfee's FoundScan vulnerability assessment scanner, Internet Security Systems' Internet Scanner and Site Protector, and the Microsoft Baseline Security Analyzer. By extending support for these additional third party tools, Preventsys ensures that customers can fully leverage existing investments in security and network management and open source tools to obtain a consolidated view of risks across the network and the entire application stack.

"Enterprise customers are increasingly demanding an end-to-end consolidated view of vulnerability, configuration and compliance information showing their overall compliance and security state," said Dave Barry, vice president of business development and strategic alliances for AlterPoint. "Through the product integration between AlterPoint and Preventsys, comprehensive network change and configuration data is combined with other critical vulnerability and configuration data to provide a consolidated view of all IT security risk management components."

According to a Gartner research report entitled "Establish an Effective Information Security Program, Part 2: Pitfalls and Best Practices" by Jay Heiser, Tom Scholtz, F. Christian Byrnes, enforcing "one size fits all" solutions in an effort to reduce complexity and improve cost-effectiveness, information security organizations often attempt to design and enforce a monolithic information security architecture for the enterprise. However, the reality is that different parts of the business (for example, different business units, geographies, application groups) have varying requirements for information security. Attempting to enforce a common solution results, at best, in overkill or insufficient protection for large parts of the organization and, at worst, in the business ignoring the solution.

"Providing a centralized, comprehensive view of enterprise compliance is critical for organizations today," said Randy Streu, vice president of product management at Configuresoft. "Integrating best-of-breed configuration and security compliance products like Enterprise Configuration Manager into a comprehensive security framework is an essential step towards complete configuration visibility and risk management. We are pleased to provide key technology to the Preventsys framework."

Preventsys has pioneered an award-winning proactive risk management system for large enterprises that are frustrated with the difficulty of managing multiple vulnerability assessment and configuration management tools to create risk and compliance reports. Unlike security event management (SEM) products that centralize data from security sensors for event monitoring and managed incident response, the Preventsys Proactive Risk Management System integrates best-of-breed security assessment tools into a proactive risk security dashboard to dramatically cut costs and reduce the time it takes to create comprehensive, custom risk and compliance reports from weeks to seconds.

About Preventsys
The Preventsys Proactive Risk Management System is the only solution that consolidates assessment data from multiple vendor tools into an enterprise dashboard, prioritizes critical remediation tasks and automates security compliance reporting for large government agencies and Fortune 1000 Companies in the financial, telecommunications, technology, and healthcare markets. For more information, visit www.preventsys.com .

Use of this site is governed by our Terms of Use and Privacy Policy.
Copyright 1996- Ziff Davis, LLC. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission
of Ziff Davis, LLC. is prohibited.PCMag Digital GroupAdChoice